Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/op2sUyazCSN-YKWL8dDP_MQtFGk.roa
File: op2sUyazCSN-YKWL8dDP_MQtFGk.roa (raw, json)
Hash identifier: Y4qRoeUau+z2DXwsk9MpkT69XhrUt1V5HJc5Poj56qE=
Subject key identifier: A2:9D:AC:53:26:B3:09:23:7E:60:A5:8B:F1:D0:CF:FC:C4:2D:14:69
Certificate issuer: /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial: 018CC6B884A012F903A3A68F06FEF9E761B8
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/op2sUyazCSN-YKWL8dDP_MQtFGk.roa
Signing time: Mon 01 Jan 2024 20:30:30 +0000
ROA not before: Mon 01 Jan 2024 20:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202152
IP address blocks: 185.49.132.0/22 maxlen: 22
185.49.132.0/23 maxlen: 23
185.49.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:84:a0:12:f9:03:a3:a6:8f:06:fe:f9:e7:61:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af935603e52e831537716d458b360192f99a3689
Validity
Not Before: Jan 1 20:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a29dac5326b309237e60a58bf1d0cffcc42d1469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:42:30:3d:1d:4d:2b:5e:0a:db:ec:17:ae:4d:
e8:2f:43:20:41:2b:36:ba:89:9a:fb:c5:f2:df:82:
ad:d4:5c:47:ce:cf:b5:3b:0b:47:2f:42:fb:e1:63:
77:c5:20:75:26:83:83:1a:f2:ba:cc:55:b6:5c:59:
2e:b5:e1:41:97:3b:26:49:a5:5a:4c:9c:88:69:80:
bf:34:76:f9:34:86:65:b6:8a:d8:ff:b3:4d:30:c4:
7c:8a:cf:30:d6:8c:4c:de:fe:59:62:d5:3e:72:0c:
cf:22:92:41:99:c5:97:0b:bb:84:62:e2:fa:00:da:
07:41:1f:99:48:5a:f4:82:f6:af:f9:c3:e3:1d:5b:
6a:55:62:10:47:7e:f7:16:42:86:f9:99:cd:7d:ee:
de:ad:71:88:17:c7:47:36:bb:0b:f3:db:6c:cb:8d:
e4:2c:af:b5:cb:d0:8e:75:17:68:ca:ec:dc:d7:16:
a7:f3:84:6a:a4:7b:b3:a1:7a:c4:f8:c6:58:05:02:
a1:37:09:47:f5:2e:74:04:dd:22:05:ff:2d:fe:c1:
c9:b2:09:34:15:a1:24:0f:de:e2:5e:74:24:c2:0a:
74:f4:3a:3d:91:36:8d:e7:96:fd:5f:48:57:da:23:
8d:6a:5e:0b:7b:30:5a:0e:d2:53:af:1e:0f:9b:0a:
ef:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:AC:53:26:B3:09:23:7E:60:A5:8B:F1:D0:CF:FC:C4:2D:14:69
X509v3 Authority Key Identifier:
keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/op2sUyazCSN-YKWL8dDP_MQtFGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:5b:3d:81:9f:f3:db:25:92:f1:80:f9:ab:32:5b:1e:3c:29:
7d:72:50:52:69:0d:d4:09:83:49:6e:9a:ed:51:fd:cd:6b:8b:
ed:cc:28:46:f1:32:97:9c:82:3f:9c:12:27:e0:21:f5:a0:5a:
77:63:33:ff:89:1d:f9:2a:cc:fe:52:ee:26:e4:0f:4b:63:9a:
d0:e9:29:68:9b:68:5e:af:6f:85:64:0a:b6:05:f9:50:8b:a9:
1c:0d:7f:8d:11:7f:d4:27:fe:1a:e7:e2:c0:26:46:37:26:6f:
8c:d2:f5:c7:a8:3e:e4:41:a7:24:da:8b:f0:90:47:29:c4:c3:
02:ad:d8:9c:8a:49:a2:8f:4e:01:db:d5:77:02:bf:f6:b7:22:
a4:16:83:54:8b:60:0b:51:1b:5c:ee:99:0c:4c:52:ba:72:36:
c5:c8:35:cd:41:7d:3c:33:3b:a2:bf:1f:94:bb:aa:f3:38:13:
f6:b1:91:f9:a8:f7:f6:d7:c4:3e:48:d6:7e:51:57:f6:98:9d:
32:f7:b4:d0:7e:83:fa:8d:74:37:31:37:05:19:ba:d8:70:23:
f9:7d:de:5d:ea:53:6d:c0:43:03:49:c6:7a:53:de:56:a8:6f:
e2:bd:bd:43:de:9f:0a:d8:49:83:4e:d7:de:2a:0d:d5:9d:3d:
64:5f:dc:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuISgEvkDo6aPBv7552G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjQwMTAxMjAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjlkYWM1MzI2YjMwOTIzN2U2MGE1OGJmMWQwY2ZmY2M0MmQxNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEIwPR1NK14K2+wXrk3oL0MgQSs2
uoma+8Xy34Kt1FxHzs+1OwtHL0L74WN3xSB1JoODGvK6zFW2XFkuteFBlzsmSaVa
TJyIaYC/NHb5NIZltorY/7NNMMR8is8w1oxM3v5ZYtU+cgzPIpJBmcWXC7uEYuL6
ANoHQR+ZSFr0gvav+cPjHVtqVWIQR373FkKG+ZnNfe7erXGIF8dHNrsL89tsy43k
LK+1y9COdRdoyuzc1xan84RqpHuzoXrE+MZYBQKhNwlH9S50BN0iBf8t/sHJsgk0
FaEkD97iXnQkwgp09Do9kTaN55b9X0hX2iONal4LezBaDtJTrx4PmwrvawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKdrFMmswkjfmCli/HQz/zELRRpMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvb3Ayc1V5YXpDU04tWUtXTDhkRFBfTVF0RkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQAdWz2Bn/PbJZLxgPmrMlsePCl9clBSaQ3UCYNJbprt
Uf3Na4vtzChG8TKXnII/nBIn4CH1oFp3YzP/iR35Ksz+Uu4m5A9LY5rQ6Slom2he
r2+FZAq2BflQi6kcDX+NEX/UJ/4a5+LAJkY3Jm+M0vXHqD7kQack2ovwkEcpxMMC
rdicikmij04B29V3Ar/2tyKkFoNUi2ALURtc7pkMTFK6cjbFyDXNQX08Mzuivx+U
u6rzOBP2sZH5qPf218Q+SNZ+UVf2mJ0y97TQfoP6jXQ3MTcFGbrYcCP5fd5d6lNt
wEMDScZ6U95WqG/ivb1D3p8K2EmDTtfeKg3VnT1kX9ww
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:03:11 2024 by rpki-client on console-ams.rpki-client.org